An Improved Authentication Scheme for BLE Devices with no I/O Capabilities

by   Chandranshu Gupta, et al.

Bluetooth Low Energy (BLE) devices have become very popular because of their Low energy consumption and hence a prolonged battery life. They are being used in smart wearable devices, smart home automation system, beacons and many more areas. BLE uses pairing mechanisms to achieve a level of peer entity authentication as well as encryption. Although, there are a set of pairing mechanisms available but BLE devices having no keyboard or display mechanism (and hence using the Just Works pairing) are still vulnerable. In this paper, we propose and implement, a light-weight digital certificate based authentication mechanism for the BLE devices making use of Just Works model. The proposed model is an add-on to the already existing pairing mechanism and therefore can be easily incorporated in the existing BLE stack. To counter the existing Man-in-The-Middle attack scenario in Just Works pairing (device spoofing), our proposed model allows the client and peripheral to make use of the popular Public Key Infrastructure (PKI) to establish peer entity authentication and a secure cryptographic tunnel for communication. We have also developed a lightweight BLE profiled digital certificate containing the bare minimum fields required for resource constrained devices, which significantly reduces the memory (about 90% reduction) and energy consumption. We have experimentally evaluated the energy consumption of the device using the proposed pairing mechanism to demonstrate that the model can be easily deployed with less changes to the power requirements of the chips. The model has been formally verified using automatic verification tool for protocol testing.


page 14

page 17


Secure, Anonymity-Preserving and Lightweight Mutual Authentication and Key Agreement Protocol for Home Automation IoT Networks

Home automation Internet of Things (IoT) systems have recently become a ...

Ultra Lightweight Multiple-time Digital Signature for the Internet of Things Devices

Digital signatures are basic cryptographic tools to provide authenticati...

Real-Time Energy Monitoring in IoT-enabled Mobile Devices

With rapid advancements in the Internet of Things (IoT) paradigm, electr...

LiSA: A Lightweight and Secure Authentication Mechanism for Smart Metering Infrastructure

Smart metering infrastructure (SMI) is the core component of the smart g...

Strong authentication on smart wireless devices

The rapid deployment of wireless technologies has given rise to the curr...

RFID authentication protocol based on a novel EPC Gen2 PRNG

Continuous advances of Information Technologies (ITs), and in particular...

IMDfence: Architecting a Secure Protocol for Implantable Medical Devices

Over the past decade, focus on the security and privacy aspects of impla...

Please sign up or login with your details

Forgot password? Click here to reset